CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
hackread.com
Update Firefox to Patch CVE-2025-13016 Vulnerability Affecting 180 Million Users
AI security firm AISLE recently discovered a serious vulnerability in the Firefox web browser that went unnoticed for six months. This flaw could have let attackers run their own instructions on a use ...
-
The Cyber Express
Apache Syncope Passwords at Risk from Newly Disclosed CVE-2025-65998
A critical security flaw has been uncovered in Apache Syncope, the widely used open-source identity management system, potentially putting organizations at risk of exposing sensitive password informat ...
-
The Hacker News
ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens
Nov 25, 2025Ravie LakshmananMalware / Vulnerability The threat actor known as ToddyCat has been observed adopting new methods to obtain access to corporate email data belonging to target companies, ...
-
security.nl
'Honderden kwetsbare Monsta FTP-clients toegankelijk vanaf internet'
Honderden Monsta FTP-clients die vanaf het internet toegankelijk zijn bevatten een kritieke kwetsbaarheid waardoor ongeauthenticeerde aanvallers op afstand code op systemen kunnen uitvoeren. Dat laat ...
-
BleepingComputer
Dartmouth College confirms data breach after Clop extortion attack
Dartmouth College has disclosed a data breach after the Clop extortion gang leaked data allegedly stolen from the school's Oracle E-Business Suite servers on its dark web leak site. The private Ivy L ...
-
CybersecurityNews
Canon Allegedly Breached by Clop Ransomware via Oracle E-Business Suite 0-Day Hack
Canon has officially confirmed that it was targeted during the widespread hacking campaign exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, orchestrated by th ...
-
CybersecurityNews
HashiCorp Vault Vulnerability Allow Attackers to Authenticate to Vault Without Valid Credentials
A critical security flaw has been discovered in HashiCorp’s Vault Terraform Provider that could allow attackers to bypass authentication and access Vault without valid credentials. The vulnerability, ...
-
The Hacker News
CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users
Nov 25, 2025Ravie LakshmananSpyware / Mobile Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday issued an alert warning of bad actors actively leveraging commercial ...
-
Daily CyberSecurity
CRITICAL: Fluent Bit Flaws Enable RCE and Telemetry Tampering in Major Orgs
Oligo Security researchers have uncovered a dangerous chain of vulnerabilities in Fluent Bit, the popular, lightweight telemetry agent used by major organizations—including in finance, delivery apps, ...
-
CybersecurityNews
NVIDIA’s Isaac-GROOT Robotics Platform Vulnerability Let Attackers Inject Malicious Codes
NVIDIA has disclosed two critical code injection vulnerabilities affecting its Isaac-GR00T robotics platform. The vulnerabilities, tracked as CVE-2025-33183 and CVE-2025-33184, exist within Python com ...